Information protection poses a complex problem for individuals and businesses. Businesses in particular may find it difficult to protect information from unauthorized access and at the same time allow easy access by authorized users.
For example, it may be difficult to ensure that encrypted information may be recovered in the event that the key to decrypt the information is unavailable. If the key or keys necessary to access the information are lost (e.g., if a hardware cryptographic device is misplaced or if a key stored in a memory or magnetic medium is lost when the memory is inaccessible for some reason), the data may become either temporarily or permanently inaccessible.
Key escrow systems may be used to enable content recovery of encrypted information. Key escrow systems store a key to access encrypted information in a safe location so that the encrypted information may be later recovered. For example, an employee may have a key for decryption of data. The same key may also be stored in a central repository and may be accessed when needed by an appropriate person.
Alternately, “master key” encryption systems may also be used to enable data recovery. A master key system may encrypt data using both a user's public key and a master public key. In a corporation, each employee may have a personal public key, and may access the company public key for encrypting electronic documents. Either of the user's private key or the company private key may be used to decrypt the data, so that if the user's key is unavailable for some reason, the data may still be accessed.
Like reference symbols in the various drawings indicate like elements.